實作:使用者登陸之後才能進入首頁,登出之後就不能進入首頁
1、使用者登入後,向Session中存入使用者資料。
2、進入首頁的時候要判斷使用者是否已經登入。
例:
先編寫首頁.jsp,即使用者登入後的頁面
%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>首頁</title>
<style>
h1{
color: cadetblue;
}
</style>
</head>
<body>
<h1>這是首頁,歡迎登入!</h1>
<hr>
<a href="/servlet/Logout">登出</a>
</body>
</html>
然後是登陸界面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>歡迎登入</title>
</head>
<body>
<form action="/servlet/Login" method="post">
<input type="text" name="username" >
<input type="submit" value="登入">
</form>
<hr>
</body>
</html>
**
**
還有一個錯誤頁面,作用是當作當使用者錯誤輸入資訊或被攔截後的頁面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>錯誤頁面</title>
</head>
<body>
<h1>很抱歉,你輸入的密碼不太對!</h1>
<hr>
<a href="/Login.jsp">傳回登陸頁面</a>
</body>
</html>
編寫LoginServlet類處理登入事件
public class LoginServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//獲得前端傳過來的參數
String username = req.getParameter("username");
if (username.equals("admin")){
//登陸成功将登入資訊放在Session中
req.getSession().setAttribute(Constant.USER_SESSION,req.getSession().getId());
resp.sendRedirect("/sys/success.jsp");
}else{
resp.sendRedirect("/Error.jsp");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
上述代碼是将前端傳統過來的參數username做比對,當比對成功時,将使用者資訊存到Session中,然後servlet重定向到登陸成功界面Success.jsp,當比對失敗時,傳回到錯誤界面。
然後是編寫一個Logout類實作登出,使用者登出後,清除Session,回到登陸界面
public class Logout extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Object user_session = req.getSession().getAttribute(Constant.USER_SESSION);
if (user_session!=null){
req.getSession().removeAttribute(Constant.USER_SESSION);
resp.sendRedirect("/Login.jsp");
}else{
resp.sendRedirect("/Login.jsp");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
接下來編寫SysFilter過濾器,原理是要通路Success.jsp時,必須要經過該過濾器。在使用者點選登出時,Session被清空,是以經過過濾器時會被攔截下來,回到錯誤頁面。
public class SysFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
if (request.getSession().getAttribute(Constant.USER_SESSION)==null){
response.sendRedirect("/Error.jsp");
}
filterChain.doFilter(req,resp);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void destroy() {
}
}
别忘了配置web.xml
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.tt.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/servlet/Login</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>Logout</servlet-name>
<servlet-class>com.tt.servlet.Logout</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Logout</servlet-name>
<url-pattern>/servlet/Logout</url-pattern>
</servlet-mapping>
<filter>
<filter-name>SysFilter</filter-name>
<filter-class>com.tt.filter.SysFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SysFilter</filter-name>
<url-pattern>/sys/*</url-pattern>
</filter-mapping>